I would like to encrypt a textual (configuration) file stored on disk.
Trying to use DES encryption I've had fatal error on client machines, I later found out the algorithm could not handle accented characters (!)
I suspect that was because I was using old packages (sun.misc.BASE64Decoder
) - but I'm not sure that is the reason.
However, I'm looking for a simpler solution - I need a really simple encryption (I know some people would not agree on that) - not RSA of 128 bit keys or so, just obscuring the text from curious eyes.
It is really weird that I could not find a simple trivial solution on the web.
How can I implement a simple encryption scheme?
Check out the Java Simplified Encryption (Jasypt).
Jasypt is a java library which allows
the developer to add basic encryption
capabilities to his/her projects with
minimum effort, and without the need
of having deep knowledge on how
cryptography works.
- High-security, standards-based encryption techniques, both for
unidirectional and bidirectional
encryption. Encrypt passwords, texts,
numbers, binaries...
- Transparent integration with Hibernate.
- Suitable for integration into Spring-based applications and also
transparently integrable with ACEGI
(Spring Security).
- Integrated capabilities for encrypting the configuration of
applications (i.e. datasources).
- Open API for use with any JCE provider.
- ...and much more
I'm using this simple One-Time-Pad algorithm:
import org.apache.commons.codec.binary.Base64;
public class Cipher {
private static final String KEY = "some-secret-key-of-your-choice";
public String encrypt(final String text) {
return Base64.encodeBase64String(this.xor(text.getBytes()));
}
public String decrypt(final String hash) {
try {
return new String(this.xor(Base64.decodeBase64(hash.getBytes())), "UTF-8");
} catch (java.io.UnsupportedEncodingException ex) {
throw new IllegalStateException(ex);
}
}
private byte[] xor(final byte[] input) {
final byte[] output = new byte[input.length];
final byte[] secret = this.KEY.getBytes();
int spos = 0;
for (int pos = 0; pos < input.length; ++pos) {
output[pos] = (byte) (input[pos] ^ secret[spos]);
spos += 1;
if (spos >= secret.length) {
spos = 0;
}
}
return output;
}
Don't forget to add commons-codec
to classpath.
Encryption algorithms work on raw bytes, not characters.
The reason you couldn't handle accented characters was because the code you were using to convert the characters to and from raw bytes didn't handle Unicode.
You should use AES; for an example of how to use it in Java, see here.
EDIT: Right now, you might just be hiding it from curious eyes, but there's no telling what the future will hold, and it is always much better to use strong encryption now and not find out, to late, that you should have but didn't.
How about ROT13? It's probably the most simple and worst encryption ever (it was also called the Caeser's Cipher)
Here's a basic implementation in Java by Jay Kominek:
import java.io.*;
public class rot13 {
public static void main (String args[]) {
int abyte = 0;
try { while((abyte = System.in.read())>=0) {
int cap = abyte & 32;
abyte &= ~cap;
abyte = ((abyte >= 'A') && (abyte <= 'Z') ? ((abyte - 'A' + 13) % 26 + 'A') : abyte) | cap;
System.out.print(String.valueOf((char)abyte));
} } catch (IOException e) { }
System.out.flush();
}
}
If you're not looking to really encrypt the text, why not encode with Base64? It'll look like nonsense, and it's very easy to decode. Plus, you're already using Base64 code...
If you have a single piece of text to encrypt, what about a one-time-pad? A one-time-pad is very easy to create; all you need is a random sequence of bytes the same length as the data you are encrypting
See How do I use 3des encryption/decryption in Java? BASE64Encoder
is used to represent the ciphered array of bytes, not the actual input.